﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using WebApplicationFileSys.Models;

namespace WebApplicationFileSys.Filter
{
    /// <summary>
    /// 登录过滤器
    /// </summary>
    public class LoginFilter : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var user = filterContext.HttpContext.Session[KeyValueConfig.KeyUserSession];
            if (user == null)
            {
                filterContext.Result = new RedirectResult("/LoginHandle/LoginView");
                return;
            }

            //核心资源，需要管理员权限访问
            if (!string.IsNullOrWhiteSpace(Roles) && Roles.Equals("admin"))
            {
                string adminAccount = System.Configuration.ConfigurationManager.AppSettings["user_admin"];
                bool isAdmin = user.Equals(adminAccount);
                if (!isAdmin)
                {
                    filterContext.HttpContext.Response.StatusCode = 403;
                    filterContext.Result = new RedirectResult("/home/p403");
                    return;
                }
            }

        }


    }
}